Problem with Security Cert. / PCI Compliance Problems.

We recently replaced an older RV042 router with a brand new RV042 v3 in the office. Shortly thereafter, we started failing our PCI compliance scans from SecurityMetrics. Basically, in order to stay "verified secure", SecurityMetrics just routinely scans our public IP address for security vulnerabilities because we handle some sensitive information in our organization. The scan results are as follows:

Security Vulnerabilities

Protocol: TCP
Port: 443
Program: https
Risk: 4
Summary: Synopsis : The remote service supports the use of anonymous SSL ciphers. Description : The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.html Solution: Reconfigure the affected application if possible to avoid use of weak ciphers. Risk Factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Protocol: TCP
Port: 443
Program: https
Risk: 4
Summary: Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Note: This is considerably easier to exploit if the attacker is on the same physical network. Solution: Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk Factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Whenever I go to log on to the router with a browser (IE, Firefox, Chrome), I get a warning that there is a problem with the security certificate and I have to add an exception in order to view the page. I think these two problems are somehow related but I haven't found a solution yet.

SecurityMetrics support pretty much said it's not their problem and to contact the router mfg. instead.
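
The two findings in the scan report can be reproduced against any cipher list in `openssl ciphers -v` format. The following is an added example, not part of the original post: it applies the report's own definitions (no authentication means anonymous; key length of at least 56 and less than 112 bits means medium strength). The sample cipher list is constructed and is not the RV042's actual list; the function names are illustrative.

```python
import re

# Constructed sample in the column format printed by `openssl ciphers -v`.
# It is NOT the cipher list of the RV042; it only exercises the two rules.
SAMPLE = """\
ADH-AES128-SHA   SSLv3 Kx=DH   Au=None Enc=AES(128)  Mac=SHA1
ADH-DES-CBC-SHA  SSLv3 Kx=DH   Au=None Enc=DES(56)   Mac=SHA1
DES-CBC-SHA      SSLv3 Kx=RSA  Au=RSA  Enc=DES(56)   Mac=SHA1
DES-CBC3-SHA     SSLv3 Kx=RSA  Au=RSA  Enc=3DES(168) Mac=SHA1
AES256-SHA       SSLv3 Kx=RSA  Au=RSA  Enc=AES(256)  Mac=SHA1
"""

# name, protocol, Kx=..., Au=<auth>, Enc=<alg>(<bits>)
LINE = re.compile(
    r"^(?P<name>\S+)\s+\S+\s+Kx=\S+\s+Au=(?P<au>\S+)\s+"
    r"Enc=(?P<enc>[^\s(]+)\((?P<bits>\d+)\)"
)


def classify(line):
    """Return (suite_name, findings) or None if the line is not parseable.

    Lines without a bit count in Enc= (for example null encryption) do not
    match the pattern and are returned as None rather than guessed at.
    """
    m = LINE.match(line.strip())
    if m is None:
        return None
    findings = []
    if m["au"] == "None":              # no server authentication
        findings.append("anonymous")
    if 56 <= int(m["bits"]) < 112:     # range quoted in the scan report
        findings.append("medium")
    return m["name"], findings


def audit(text):
    """Map each flagged suite name to the findings it would trigger."""
    report = {}
    for line in text.splitlines():
        result = classify(line)
        if result and result[1]:
            report[result[0]] = result[1]
    return report


if __name__ == "__main__":
    for suite, findings in audit(SAMPLE).items():
        print(f"{suite}: {', '.join(findings)}")
```

`DES-CBC3-SHA` is not flagged here because `openssl` lists it with a nominal 168-bit key, which is outside the range the report states.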